[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: File permissions (Was: Re: pserver vs. ssh - performance ...)

From: Larry Jones
Subject: Re: File permissions (Was: Re: pserver vs. ssh - performance ...)
Date: Tue, 22 May 2001 11:52:41 -0400 (EDT)

Hugo van der Merwe writes:
> Now I wonder, as any of those users can modify any file in this
> structure, is "trust" the only way I can stop them from messing with my
> other projects?

The way you have things currently set up, yes.

> (Must I create a second repository with different "group
> ownership" for this?)

You don't have to go that far -- you can set the ownership of different
directories in a single repository so that only users in a particular
group can read and/or write them.

> Secondly, with any user being able to modify
> CVSROOT, as what user does the commands get executed, e.g. commit mails
> from commitinfo... these run as the user doing the commit I assume? 

That's correct.

> That
> means any user can cause any other user to run an arbitrary command as
> himself... ?

That's also correct.  But CVSROOT is just a directory like any other
directory -- if you change it to be owned by a different group and only
give that group write privilege, then only memebers of that group will
be able to change the files in it.

-Larry Jones

I keep forgetting that rules are only for little nice people. -- Calvin

reply via email to

[Prev in Thread] Current Thread [Next in Thread]